Email

Microsoft seizes servers in Zeus cyberfraud

Microsoft founder and philanthropist Bill Gates speaks at the "Uniting to Combat Neglected Tropical Diseases" conference at the Royal College of Physicians in London January 30, 2012. REUTERS/Suzanne Plunkett

Microsoft Corp claimed a victory in efforts to combat online banking fraud, saying it had confiscated several servers used to steal login names and passwords, disrupting some of the world’s most sophisticated cybercrime rings.

Microsoft founder and philanthropist Bill Gates speaks at the “Uniting to Combat Neglected Tropical Diseases” conference at the Royal College of Physicians in London January 30, 2012. REUTERS/Suzanne Plunkett

The software maker said on Monday that its cybercrime investigation group also took legal and technical actions to fight notorious criminals who infect computers with a prevalent malicious software known as Zeus.

By recruiting computers into networks called botnets, Zeus logs the online activity of infected machines, providing criminals with credentials to access financial accounts.

“We’ve disrupted a critical source of money-making for digital fraudsters and cyber thieves, while gaining important information to help identify those responsible and better protect victims,” said Richard Boscovich, senior attorney for the Microsoft Digital Crimes Unit, which handled the investigation in collaboration with the financial industry.

Microsoft’s Digital Crimes Unit is worldwide team of investigators, lawyers, analysts and other specialists who fight cybercrime. A year ago they helped U.S. authorities take down a botnet known as Rustock that had been one of the biggest producers of spam e-mail. Some security experts estimated that in its heyday Rustock was responsible for half the spam in junk email bins.

The company said the moves announced Monday had not dealt a fatal blow to Zeus, which is available for download on websites frequented by criminal hackers. It is used to manage many botnets, including ones that were not impacted by Microsoft’s actions.

“The goal of this action was not to permanently shut down all impacted Zeus botnets,” Microsoft said in a release, citing the complex nature of the networks.

Microsoft said it sought to damage the operations and infrastructure of the botnets, gather information to identify the criminals and help find and rescue some infected machines.

The company said that U.S. Marshalls helped it seize servers on Friday at hosting centers in Scranton, Pennsylvania and Lombard, Illinois after it won a court order from a U.S. District judge in Brooklyn, New York.

Microsoft said the team had also shut down some channels that criminals were using to communicate with infected machines and had begun monitoring other parts of the infrastructure.

The software maker said it conducted the operation in collaboration with security firm Kyrus Tech and several financial services industry groups, including the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the National Automated Clearing House Association.

(Reporting By Jim Finkle; Editing by Richard Chang)

Related posts

Death toll in attack on Christmas market in Germany rises to 5 and more than 200 injured

US Senate passes government funding bill, averts shutdown

Trump wants EU to buy more US oil and gas or face tariffs